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[57] ABSTRACT 

A Virtual' encryption scheme combines selected ones of 
plurality of different encryption operators stored in an 
encryption operator database into a compound sequence of 
encryption operators. Data to be transported from a data 
source site, such as a user workstation, to a data recipient 
site, such as another workstation, is sequentially encrypted 
by performing a compound sequential data flow through this 
sequence prior to transmission. Because of the use of 
successively different encryption operators, the final output 
of the sequence will be a compound-encrypted data stream 
that has no readily discernible encryption footprint. 
Therefore, even if a skilled data communications usurper 
possesses a decryption key for each encryption operators, 
there is a very low likelihood that he would be able to 
recognize the characteristics of any individual encryption 
operator. Moreover, without knowledge of the sequence of 
encryption operators a potential usurper will be forced to 
operate under a severe resource penalty that makes decryp- 
tion of such a compound sequence a practical impossibility. 
At the recipient end of the data communications path, the 
recovery process involves the use of a complementary 
virtual decryption scheme that is the exact reverse of that 
used at the data source site. 

4 Claims;, 3 Drawing Sheets 
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'VIRTUAL' ENCRYPllON SCHEME 
COMBINING DIFFERENT ENCRYPTION 
OPERATORS INTO COMPOUND- 
ENCRYPTION MECHANISM 

FIELD OF THE INVENTION 

The present invention relates in general to data processing 
and communication systems, and is particularly directed to 
a data communication access control mechanism for 
enabling a computer end user to securely encrypt data 
communications in such a manner that effectively prevents 
a usurper from decrypting the data. 

BACKGROUND OF THE INVENTION 

The rapid expansion of the data communications industry, 
in particular the Internet and the World Wide Web (WWW), 
sometimes referred to as the superinformation highway, has 
provided data processing system users with what is effec- 
tively global communication link interconnecting a vast 
number of databases and other network users. The local link 
between the network and the user is typically by way of a 
phone line (e.g., analog or ISDN, for example) of a public 
communication service provider, with the workstation hard- 
ware including a modem or terminal adapter equipment that 
allows dial-up access between the user and a remote party. 
Since a user's workstation is coupled directly to such 
interface equipment, not only can the workstation user 
access any other party having similar network access, but 
any other party can call the user's workstation. 

More particularly, as ^grammatically illustrated in FIG. 
1, a user workstation 10 may typically be coupled via a 
communication link 11 to a local area network (LAN) 20 by 
way of a LAN interface 13, which also provides access to an 
external, public communication services (PCS) network, 
such as the Internet 30. LAN 20 customarily includes one or 
more computer-based units, such as the illustrated worksta- 
tions 21 and 22, network server 23 and printer 24, which are 
interconnected via a hub 25. The hub 25 is connected to 
interface 13, so that the end user workstation 10 may access 
any unit of the local area network 20. Similarly, to connect 
to the external network 30, the network interface 13 may be 
coupled through an electronic mail gateway 32 and a modem 
33, so that a dial-up connection may be provided to an 
Internet connection provider 34, through which direct access 
to the Internet 35 is achieved. 

Because a public communication system is a potential 
window into any computer linked to it, it is customary to 
both wrap or embed all communications in a ' security 
blanket' (some form of encryption) at the source end, and to 
employ one or more permission code (password) layers that 
must be used to gain access to another computer. 
Unfortunately, a fundamental characteristic of essentially all 
encryption operators or algorithms is the fact that, given 
enough resources, almost any encryption algorithm can be 
broken. This, coupled with the fact that each encryption 
algorithm has a ' footprint' , which is discernible in the 
scrambled data by a sophisticated data communications 
analyst, means that no data communication can be guaran- 
teed as secure. 

SUMMARY OF THE INVENTION 

In accordance with the present invention, this problem is 
effectively remedied by a 'virtual' encryption scheme that 
combines selected ones of plurality of different encryption 
operators stored in an encryption operator database into a 
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compound sequence of encryption operators. Data to be 
transported from a data source site, such as a user 
workstation, to a destination or data recipient site, is sequen- 
tially encrypted by performing a compound sequential data 

5 flow through this sequence prior to transmission. 

By 'virtual* encryption scheme is meant that the overall 
encryption operator itself does not actually perform any 
encrypting of the data. Instead, it assembles selected ones of 
a plurality of true encryption mechanisms into a cascaded 

1° sequence of successively different encryption operators, 
each of which operates on the data, to realize a scrambled 
data stream that is not practically decryptable by a sophis- 
ticated data communications usurper. 

For this purpose, a plurality of respectively different data 

15 encryption operators are stored in an encryption algorithm 
database, with each operator having an associated access 
address code through which the operator may be readily 
called up or accessed to operate on a data sequence of 
interest. The fundamental mechanism of the virtual encryp- 

20 tion scheme of the invention involves the generation of a 
sequence of the access codes, with immediately successive 
ones of the access codes of the sequence being different from 
one another. 

25 This access code sequence is employed to call up or read 
out from the database selected ones of the respectively 
different data encryption operators so as to produce or 
assemble a sequence of data encryption operators. Because 
immediately successive ones of the access codes of the 

3Q access code sequence are different from one another, then 
their associated data encryption operators that have been 
assembled into the sequence of data encryption operators are 
also successively different from one another. When the data 
is applied to the generated sequence of individual encrypting 

3S operators, what results is a scrambled data stream having no 
readily discernible encryption footprint that would imply 
what encryption mechanism has been used and facilitate 
decryption by a sophisticated data communications usurper. 
Since it is 'virtual', the success of the encryption operator 

40 assembly mechanism of the invention does not rely upon the 
sophistication or complexity of any given encryption opera- 
tor within its database. As a consequence, even conventional 
encryption operators may be used. The key to the success of 
the present invention is the fact that the data stream is 

4S wrapped or encrypted multiple times prior to transmission, 
with each successive wrap of the data presenting an encryp- 
tor that is different from the previous operator in the 
sequence. 

In its simplest form, the virtual encryption scheme of the 

50 invention may comprise as few as two or three respectively 
different encryption operators. The order of the encryptors 
within the sequence to which the data is applied may vary as 
desired, and the sequence may 'toggle' or switch back and 
forth between the same set of encryption operators as part of 

55 its overall encryptor flow. 

Because the encryption process of the invention subjects 
the data to successively different encryption operators, the 
final output of the sequence will be a compound-encrypted 
data stream that has no readily discernible encryption foot- 

60 print. As a consequence, even if a skilled data communica- 
tions usurper were to possess a decryption key for each of 
the encryption operators of which the compound encrypted 
data stream is comprised, there is a very low likelihood that 
he would be able to recognize the characteristics of any 

65 individual encryption operator. Moreover, without knowl- 
edge of the sequence of encryption operators through which 
the data has been encrypted, a usurper will be forced to 
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operate under a severe resource penalty that makes decryp- context of the present invention is an 'exterior* data flow 

tion of such a compound sequence a practical impossibility. operation to which an entire data stream, that has already 

At the recipient end of the data communications path, the bcea subjected to the above discussed 'interior' data pro- 
recovery process involves the use of a complementary cess ; n S °P era ^ >>* *W h f. 50 as *° scr f amble ™*^y 
virtual decryption scheme that is the exact reverse of that 5 render unintelligible the ultimate data format that results 

j . 4 . j . '* kt i * *u • • » ■* *u from such preliminary data processing operations, 

used at the data source site. Namely, at the recipient site the « <• . i • • ^ l 

received scrambled data stream is subjected to a 'virtual' . ^kmae, n ° w t0 J 1 . 6 - ^ "krypton portion of the 

, l . 11 ( , a *■ virtual encryption and decryption mechanism of the present 

decryp tor, which sequentially unwraps using a decryption . /S. *■ rl •« * * j 

i i . .i , l i / c.l invention is diagrammatically illustrated as comprising a 

key known to the recipient as being the complement ot the , . . , -j * • i * . * u 

J A . ■ *t_ * • i j * m database 100, as may be resident in a user workstation, such 

encrypting sequence, thereby recovering the original data. 10 ^ ^ ^ m ^ system ^ mQ ^ ^ 

BRIEF DESCRIPTION OF THE DRAWINGS database 100 containing a plurality of respectively different 

data encryption routine or operator entries 110-1, 100-2, 

FIG. 1 diagrammatically illustrates a user workstation 100-3, . . . , 1O0-N. The encryption routines 110, in and of 

coupled to a local area network by way of a local area 15 themselves, need not be any particular type of encryption 

network interface, which also provides access to an external algorithm and may be conventional encryption operators, 

network; such as, PGP, DES, etc. routines, as non-limiting examples. 

FIG. 2 diagrammatically illustrates a virtual encryption Each encryption operator 110-i has an associated access 

mechanism of the present invention; and address code 120-i, that is used by a memory access con- 

FIG. 3 diagrammatically illustrates a virtual decryption 20 *>tox of a supervisory encryption assembly manager 130 to 

mechanism of the present invention. c 1 a11 U P or ret ? eve a res P ectlve encryption operator 120-1 m 

the course ol generating an encryption operator sequence 
DETAILED DESCRIPTION tnat °P erates on a data stream 150 to be transmitted. 

As described briefly above, the fundamental control factor 

Before describing in detail the improved data encryption ^ used by tne virtual encryption scheme of the invention is the 

mechanism in accordance with the present invention, it fact it pro duces a sequence 160 of access address codes 

should be observed that the present invention resides pri- 12 0-i, such that immediately successive codes 120-i and 

marily in what is effectively a prescribed set of communi- 12 0-j in the assembled code sequence are different from one 

cation encryption and decryption software employed by another. Thus, for an arbitrary plurality N of respectively 

digital data terminal and communication equipment, that 3Q different data encryption routine or operator entries 110-1, 

effectively enables end users of a data communications link 100-2, 100-3, . . . , 100-N, there will be N associated access 

to conduct secure data communications therebetween with- address codes 120-1 120-2 120-3 . . . 120-N. 
out the practical possibility of successful recovery in an , n accordance ^ me invention the supervisory encryp- 

intercepted encrypted data. Uon manage r 130 is supplied with an encryption 

Consequently, the configuration of data terminal and 35 driver or key 170 comprised of a sequence of M access code 
communications units and the manner in which they are entries made up of K (at least two and up to all N) address 
interfaced with other communication equipment of a con- co de entries 120 for the encryption operators 110 stored in 
ventional (public service) communications network have the database 100. M may be any number equal to or greater 
been illustrated in the drawings by readily understandable than two. Thus, at a minimum, address code sequence 140 
block diagrams, which show only those specific details that 40 WO uld be defined by only two respectively different ones 
are pertinent to the present invention, so as not to obscure the 120-i and 120-j of the N available codes, so that M would 
disclosure with details which will be readily apparent to be equal to two, regardless of N. Even if N is only two, M 
those skilled in the art having the benefit of the description ^ still unbounded, since it may comprise an alternating 
herein. Thus, the block diagram illustrations of the Figures sequence of arbitrary length. Namely, where N*2, the data- 
are primarily intended to illustrate the major components of 45 base 100 would have only two entries 120-1 and 120-2. In 
the system in a convenient functional grouping, whereby the this case, an encryption control access code sequence of 
present invention may be more readily understood. length M could be generated as the alternating sequence 

As described briefly above, the data processing scheme of 120-1, 120-2, 120-1, 120-2, 120-1, 120-2, 120-1, 120-2, 

the present invention is effectively a 'virtual' encryption and up to M entries, where M>2. What is important is that the 

decryption scheme, as it does not actually perform any 50 respective codes of any successive pair of codes differ from 

encrypting of the data, but rather assembles selected ones of one another. 

a plurality of true encryption mechanisms into a cascaded Given this successively different address code sequence 
sequence of successively different encryption operators. It is 140, to encrypt the data stream 150, the supervisory encryp- 
the individual operators of the assembly that operate on the tion assembly manager 130 initiates the encryption process 
data. Data that has been sequentially encrypted by the 55 by calling up the first operator entry 110 associated with the 
individual encrypting operators of the virtual encryption first code 120 of the sequence 140 and applies the data 150 
scheme of the present invention is thus scrambled such that to that first encryption operator entry, so as to ' wrap' the data 
is not practically decryptable by a sophisticated data com- with that encryption operator. The supervisory encryption 
munications usurper. then calls up the second operator entry 110 associated with 
Thus it is to be understood that the term encryption is not 60 the second code 120 of the sequence 140 and applies the 
to be confused with other types of 1 interior* or * preliminary' initially wrapped data to the second first encryption operator 
data processing operations, such as code conversion, entry, so as to 'wrap* the previously encrypted data with the 
compression, the generation of a forward error correcting next encryption operator. This successive process of access- 
checksum sequence that is appended to the data, or other ing sequentially differing encryption operators and wrapping 
types of signal processing mechanisms that are intended to 65 the previously encrypted data continues until the last access 
improve signal-to- noise ratio (reduce bit error rate), or code in the encryption control sequence 140 is processed, 
improve channel bandwidth occupancy. Encryption in the The compound-encrypted data is then transmitted over com- 
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munication path, such as the communication link 11 of the be forced to operate under such a severe resource penalty 

network of FIG. 1, to a local area network (LAN) 20 by way that decryption of such a compound encryption sequence is 

of a LAN interface 13, which also provides access to an practically impossible. 

external public communication services (PCS) network, As described briefly above, at the recipient end of the data 

suc^ as the internet ; 5 communications path, the recovery process involves the use 

Tb provide non-hmitingi lustrationjet it be assumed that of a complemeQtlry virtual decr yp t i on scheme that is the 

the encryption operator database 100 contains only three exact rev6fse of ^ d ^ d j n 

respectively different encryption operator entnes 11 OA, . . - - - . . . • • , 

1106 and HOC. As described above, an encryption operator sh , own m FIG -. 3 ' for for ^ 0UJ 8 exam P^ at ^ rec ^ e ° l 

sequence may be assembled using each of the three opera- 10 slte ' a ""P™? decryption disassembly manager 230 

, n * j * * 10 processes the received scrambled data stream using a vir- 

tors as participants that are permuted into an arbitrary f , , «. « t . , * , 

sequence, the length and composition of which is open ! ual tor ' "f, ^ a decryption code 

5 , , ,, ° . , ... . j .i . . . , key 270 known to the recipient as being the reverse or 

ended. In the present example, it will be assumed that a total ' . . ... .. r . , ° . 

cc . ... . , j • .u c . complement of the encryption-control access code sequence 

of five encryptions will be performed, using the live operator 14n r , •» 

sequence: 110A-110B-110C-110A-110C. Thus, the encryp- 1S 14U at me source slte ' 

tion driver or control key 170 supplied to the supervisory In accordance with the encryption operator sequence 

encryption assembly manager 130 will be comprised of the 110A-110B-110C-110A-110C of the present example, to 

(M-5) code sequence: 120A-120B-120C-120A-120C. decrypt the received data stream the supervisory decryption 

In accordance with this non-limiting example, as the disassembly manager 230 will execute a reverse decryption 

supervisory encryption assembly manager 130 processes 20 sequence M0 compr^d of the decryption operators having 

this sequence, it will initially access the first encryption order C-A-C-B-A. For this purpose using a decryption 

operator 110A associated with the first code 120A and cause °P 6rat ° r ac f » ^ sc 1 ucnce 26 »> memory access 

the data 150 to be processed by the encrypting data flow controller of the supervisory decryption manager 230 wil 

operation embedded in the encryption operator 110A, pro- S enerate » sequence of addresses 220 that sequentially 'call 

ducing a first 'A^ncrypted' data stream. The supervisory 25 "P a set of reverse ordered decryption operators 210C-210A- 

encryption assembly manager 130 will next access the 210C-210B-210A stored in a decryption operator database 

second encryption operator 110B associated with the second 200 - For ^j^ nt exam P le >. * ^ ™ tiall y S enerate an 

code 120B in the five code sequence 140 and cause the a f„^ c ° de 220C associated with a first .decryption operator 

A-encrypted data to be processed by the encrypting data 210C of the set of decryption routmes 210 stored in database 

flow operation embedded in the second encryption operator 30 200. This first accessed decryption operator 210C causes the 

HOB, producing a second, compound encryption of the received compound-encrypted data stream to be processed 

original data stream as a B-encryplion of the A-encrypted ^ decrypting data flow operation embedded in the 

^ ata decryption operator 210C, thereby producing a first 

v * . ^ L1 'C-decrypted' or partially 'unwrapped' data stream. 

Next, supervisory encryption assembly manager 130 Jr r J rr 

accesses the third encryption operator HOC associated with 35 Next > the second decryption operator 210A associated 

the third code 120C in the five code sequence 140 and with the second code 220A in the five code decryption code 

encrypts the B-encrypted, A-encrypted data producing a sequence 260 causes the partially unwrapped, but still mul- 

further compounded encryption of the original data 150 as a encrypted data stream to be processed by the decrypt- 

C-encryption of the B-encrypted, A-encrypted data. The ™& data flow operation embedded in the second decryption 

C-encrypted, B-encrypted, A-encrypted data stream is next 40 °P erator 210A > producing a second decryption or unwrap- 

encrypted in accordance with the fourth operator 110A for P in S of the received data stream. This decryption process is 

the five code sequence 140, which is once again the iteratively repeated, stepping through the remaining decryp- 

A-encryption operator, as defined by the fourth access code 11011 operators 210C, 210B and 210A of the five operator 

120A, producing a more complex A-encryption of the decryption sequence: 210C-210A-210C-210B-210A, so as 

C-encrypted, B-encrypted, A-encrypted data. Finally, the 45 to completely unwrap the received data stream, leaving the 

A-encrypted, C-encrypted, B-encrypted, A-encrypted data original data, plus whatever 'interior' or 'preliminary' data 

stream resulting from the first four, sequentially different processing was imparted to the data at the source site, and 

encryption operators is encrypted in accordance with the requires further processing, separate and distinct from the 

fifth and last operator 120C associated with the five code decryption of the present invention. 

sequence 140, producing a C-encryption of the A-encrypted, 50 As will be appreciated from the foregoing description, by 

C-encrypted, B-encrypted, A-encrypted data, as an combining selected ones of a plurality of true encryption 

extremely complex encryption of the original data. mechanisms into a cascaded sequence of successively dif- 

From the foregoing, it will be readily appreciated that ferent encryption operators, the virtual encryption mecha- 

subjecting the data to successively different encryption nism of the present invention is able to produce a scrambled 

operators will produce a compound-encrypted data stream 55 data stream that is not practically decryptable by a sophis- 

having no readily discernible encryption footprint. ticated data communications interceptor, thereby effectively 

Therefore, even if a skilled data communications usurper is circumventing the inability of conventional data encryption 

in possession of a decryption key for each of the encryption schemes to provide a practical guarantee of security for data 

operators A, B and C of which the five member compound communications. 

encrypted data stream of the present example is comprised, 60 While I have shown and described an embodiment in 

there is a very low likelihood that he would be able to accordance with the present invention, it is to be understood 

recognize the characteristics of any individual encryption that the same is not limited thereto but is susceptible to 

operator in the transmitted data stream. In addition, without numerous changes and modifications as known to a person 

knowledge of the composition and entry order of the skilled in the art, and I therefore do not wish to be limited 

sequence of encryption operators through which the data has 65 to the details shown and described herein, but intend to 

been encrypted by the supervisory encryption assembly cover all such changes and modifications as are obvious to 

manager, a potential data communications interceptor will one of ordinary skill in the art. 
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What is claimed: 

1. A method for controllably encrypting data to be trans- 
mitted over a communication path between a data source 
and a data recipient, comprising the steps of: 

(a) storing a plurality of respectively different data 5 
encryption operators; 

(b) generating a sequence of access codes, each of which 
is associated with a respective one of said data encryp- 
tion operators stored in step (a), with immediately 
successive ones of said access codes of said sequence 10 
being different from one another; 

(c) accessing selected ones of said respectively different 
data encryption operators stored in step (a) in accor- 
dance with said sequence of access codes generated in 
step (b), so as to produce a sequence of data encryption 
operators, in which immediately successive ones of 
said data encryption operators are different from one 
another; and 

(d) passing data to be transported over said communica- 2 o 
tion path through said sequence of data encryption 
operators produced in step (c) to produce a compound- 
encrypted data stream. 

2. A method according to claim 1, further including the 
steps of: 25 

(e) transporting said compound-encrypted output data 
stream over said communication path to said data 
recipient; and 

(f) passing said compound-encrypted output data stream 
through a sequence of decryption operators that respec- 30 
tively decrypt data that has been encrypted by said data 
encryption operators, so as to recover said data. 

3. A system for controllably encrypting data to be trans- 
mitted over a communication path between a data source site 
and a data recipient site, comprising: 

at said data source site, 

a data encryption operator database which stores a plu- 
rality of respectively different data encryption opera- 
tors; 


35 


an address code generator which generates a sequence of 
access codes, each of which is associated with a respec- 
tive one of said data encryption operators stored in said 
data encryption database, such that immediately suc- 
cessive ones of said access codes of said sequence 
differ from one another, so as to access from said data 
encryption operator database a sequence of stored data 
encryption operators, such that immediately successive 
ones of retrieved data encryption operators are different 
from one another; and 

a signal processor which is operative to apply data to be 
transported over said communication path through said 
sequence of data encryption operators accessed from 
said encryption operator database to produce a 
compound-encrypted data stream for transport over 
said communication path. 

4. A system according to claim 3, further including, at said 
data recipient site, 

a data decryption operator database which stores a plu- 
rality of respectively different data decryption opera- 
tors; 

an address code generator which generates a sequence of 
access codes, each of which is associated with a respec- 
tive one of said data decryption operators stored in said 
data decryption database, and is operative to cause a 
sequence of data decryption operators to be accessed 
from said data decryption database in accordance with 
the reverse order of said sequence of data encryption 
operators that produced said compound-encrypted data 
stream; and 

a signal processor which is operative to apply said 
compound-encrypted data stream that has been trans- 
ported over said communication path to said data 
recipient site through said sequence of data encryption 
operators accessed from said encryption operator data- 
base to recover said data. 
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